chore: sync updates.xml 05.14.00 from main [skip ci]

Fix three gaps that prevented per-unit public access from working on
private repositories:

1. Git HTTP handler (githttp.go): allow anonymous git pull for private
   repos when the target unit (code or wiki) has AnonymousAccessMode
   set to read. Previously only checked repo.IsPrivate.

2. Permission engine (repo_permission.go): call
   finalProcessRepoUnitPermission for anonymous users on private repos
   so that unit-level anonymous access modes are populated. Previously
   returned early with AccessModeNone, skipping anonymous mode setup.

3. Search/explore (repo_list.go): include private repos that have at
   least one unit with anonymous_access_mode > 0 in search results,
   so anonymous users can discover repos with public sections.

The existing settings UI at /settings/public_access already allows
configuring per-unit visibility. The home page redirect to the first
readable unit (e.g. wiki) also already works via checkHomeCodeViewable.

Closes #238

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

models/perm/access/repo_permission.go

@@ -405,8 +405,11 @@ func GetIndividualUserRepoPermission(ctx context.Context, repo *repo_model.Repos
 	perm.units = repo.Units
 
 	// anonymous user visit private repo.
+	// Still process unit-level anonymous access so that units with
+	// AnonymousAccessMode (e.g. public wiki on a private repo) are visible.
 	if user == nil && repo.IsPrivate {
 		perm.AccessMode = perm_model.AccessModeNone
+		finalProcessRepoUnitPermission(user, &perm)
 		return perm, nil
 	}
 

models/repo/repo_list.go

@@ -673,6 +673,14 @@ func AccessibleRepositoryCondition(user *user_model.User, unitType unit.Type) bu
 		cond = userAllPublicRepoCond(cond, orgVisibilityLimit)
 	}
 
+	// Include private repos that have at least one unit with public anonymous access.
+	// This enables discovery of repos where e.g. wiki or releases are public.
+	cond = cond.Or(builder.In("`repository`.id",
+		builder.Select("repo_id").From("repo_unit").Where(
+			builder.Gt{"anonymous_access_mode": 0},
+		),
+	))
+
 	if user != nil {
 		// 2. Be able to see all repositories that we have unit independent access to
 		// 3. Be able to see all repositories through team membership(s)

routers/web/repo/githttp.go

@@ -128,7 +128,15 @@ func httpBase(ctx *context.Context, optGitService ...string) *serviceHandler {
 	}
 
 	// Only public pull don't need auth.
-	isPublicPull := repoExist && !repo.IsPrivate && isPull
+	// For private repos, also allow anonymous pull if the specific unit
+	// (code or wiki) has AnonymousAccessMode >= Read.
+	isPublicPull := repoExist && isPull && !repo.IsPrivate
+	if repoExist && isPull && repo.IsPrivate {
+		repoUnit := repo.MustGetUnit(ctx, unitType)
+		if repoUnit.AnonymousAccessMode >= perm.AccessModeRead {
+			isPublicPull = true
+		}
+	}
 	askAuth := !isPublicPull || setting.Service.RequireSignInViewStrict
 
 	// don't allow anonymous pulls if organization is not public

updates.xml

@@ -1,23 +1,23 @@
 <?xml version='1.0' encoding='UTF-8'?>
 <!-- Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
  SPDX-License-Identifier: GPL-3.0-or-later
- VERSION: 05.02.00
+ VERSION: 05.14.00
  -->
 
 <updates>
   <update>
-    <name>Application - MokoGitea</name>
-    <description>Application - MokoGitea dev build.</description>
+    <name>MokoGitea</name>
+    <description>MokoGitea dev build.</description>
     <element>mokogitea</element>
     <type>application</type>
     <client>site</client>
-    <version>05.02.00-dev</version>
+    <version>05.05.00-dev</version>
     <creationDate>2026-05-30</creationDate>
-    <infourl title="Application - MokoGitea">https://git.mokoconsulting.tech/MokoConsulting/MokoGitea/releases/tag/development</infourl>
+    <infourl title="MokoGitea">https://git.mokoconsulting.tech/MokoConsulting/MokoGitea/releases/tag/development</infourl>
     <downloads>
-      <downloadurl type="full" format="zip">https://git.mokoconsulting.tech/MokoConsulting/MokoGitea/releases/download/development/mokogitea-05.02.00-dev.zip</downloadurl>
+      <downloadurl type="full" format="zip">https://git.mokoconsulting.tech/MokoConsulting/MokoGitea/releases/download/development/mokogitea-05.05.00-dev.zip</downloadurl>
     </downloads>
-    <sha256>a3ca6159a3ff878150906852dfa994eabe58f9e62fb5b224dea2a3593013bc8b</sha256>
+    <sha256>4fee9eb03e4b819a63bce2ceb54fdce0d3eb8bf5b31460fcc42e5ecd75cc856e</sha256>
     <tags><tag>dev</tag></tags>
     <changelogurl>https://git.mokoconsulting.tech/MokoConsulting/MokoGitea/raw/branch/main/CHANGELOG.md</changelogurl>
     <maintainer>Moko Consulting</maintainer>
@@ -25,18 +25,18 @@
     <targetplatform name="go" version=".*"/>
   </update>
   <update>
-    <name>Application - MokoGitea</name>
-    <description>Application - MokoGitea alpha build.</description>
+    <name>MokoGitea</name>
+    <description>MokoGitea alpha build.</description>
     <element>mokogitea</element>
     <type>application</type>
     <client>site</client>
-    <version>05.02.00-alpha</version>
+    <version>05.05.00-alpha</version>
     <creationDate>2026-05-30</creationDate>
-    <infourl title="Application - MokoGitea">https://git.mokoconsulting.tech/MokoConsulting/MokoGitea/releases/tag/alpha</infourl>
+    <infourl title="MokoGitea">https://git.mokoconsulting.tech/MokoConsulting/MokoGitea/releases/tag/alpha</infourl>
     <downloads>
-      <downloadurl type="full" format="zip">https://git.mokoconsulting.tech/MokoConsulting/MokoGitea/releases/download/alpha/mokogitea-05.02.00-alpha.zip</downloadurl>
+      <downloadurl type="full" format="zip">https://git.mokoconsulting.tech/MokoConsulting/MokoGitea/releases/download/alpha/mokogitea-05.05.00-alpha.zip</downloadurl>
     </downloads>
-    <sha256>a3ca6159a3ff878150906852dfa994eabe58f9e62fb5b224dea2a3593013bc8b</sha256>
+    <sha256>4fee9eb03e4b819a63bce2ceb54fdce0d3eb8bf5b31460fcc42e5ecd75cc856e</sha256>
     <tags><tag>alpha</tag></tags>
     <changelogurl>https://git.mokoconsulting.tech/MokoConsulting/MokoGitea/raw/branch/main/CHANGELOG.md</changelogurl>
     <maintainer>Moko Consulting</maintainer>
@@ -44,18 +44,18 @@
     <targetplatform name="go" version=".*"/>
   </update>
   <update>
-    <name>Application - MokoGitea</name>
-    <description>Application - MokoGitea beta build.</description>
+    <name>MokoGitea</name>
+    <description>MokoGitea beta build.</description>
     <element>mokogitea</element>
     <type>application</type>
     <client>site</client>
-    <version>05.02.00-beta</version>
+    <version>05.05.00-beta</version>
     <creationDate>2026-05-30</creationDate>
-    <infourl title="Application - MokoGitea">https://git.mokoconsulting.tech/MokoConsulting/MokoGitea/releases/tag/beta</infourl>
+    <infourl title="MokoGitea">https://git.mokoconsulting.tech/MokoConsulting/MokoGitea/releases/tag/beta</infourl>
     <downloads>
-      <downloadurl type="full" format="zip">https://git.mokoconsulting.tech/MokoConsulting/MokoGitea/releases/download/beta/mokogitea-05.02.00-beta.zip</downloadurl>
+      <downloadurl type="full" format="zip">https://git.mokoconsulting.tech/MokoConsulting/MokoGitea/releases/download/beta/mokogitea-05.05.00-beta.zip</downloadurl>
     </downloads>
-    <sha256>a3ca6159a3ff878150906852dfa994eabe58f9e62fb5b224dea2a3593013bc8b</sha256>
+    <sha256>4fee9eb03e4b819a63bce2ceb54fdce0d3eb8bf5b31460fcc42e5ecd75cc856e</sha256>
     <tags><tag>beta</tag></tags>
     <changelogurl>https://git.mokoconsulting.tech/MokoConsulting/MokoGitea/raw/branch/main/CHANGELOG.md</changelogurl>
     <maintainer>Moko Consulting</maintainer>
@@ -63,18 +63,18 @@
     <targetplatform name="go" version=".*"/>
   </update>
   <update>
-    <name>Application - MokoGitea</name>
-    <description>Application - MokoGitea rc build.</description>
+    <name>MokoGitea</name>
+    <description>MokoGitea rc build.</description>
     <element>mokogitea</element>
     <type>application</type>
     <client>site</client>
-    <version>05.02.00-rc</version>
+    <version>05.05.00-rc</version>
     <creationDate>2026-05-30</creationDate>
-    <infourl title="Application - MokoGitea">https://git.mokoconsulting.tech/MokoConsulting/MokoGitea/releases/tag/release-candidate</infourl>
+    <infourl title="MokoGitea">https://git.mokoconsulting.tech/MokoConsulting/MokoGitea/releases/tag/release-candidate</infourl>
     <downloads>
-      <downloadurl type="full" format="zip">https://git.mokoconsulting.tech/MokoConsulting/MokoGitea/releases/download/release-candidate/mokogitea-05.02.00-rc.zip</downloadurl>
+      <downloadurl type="full" format="zip">https://git.mokoconsulting.tech/MokoConsulting/MokoGitea/releases/download/release-candidate/mokogitea-05.05.00-rc.zip</downloadurl>
     </downloads>
-    <sha256>a3ca6159a3ff878150906852dfa994eabe58f9e62fb5b224dea2a3593013bc8b</sha256>
+    <sha256>4fee9eb03e4b819a63bce2ceb54fdce0d3eb8bf5b31460fcc42e5ecd75cc856e</sha256>
     <tags><tag>rc</tag></tags>
     <changelogurl>https://git.mokoconsulting.tech/MokoConsulting/MokoGitea/raw/branch/main/CHANGELOG.md</changelogurl>
     <maintainer>Moko Consulting</maintainer>
@@ -82,18 +82,18 @@
     <targetplatform name="go" version=".*"/>
   </update>
   <update>
-    <name>Application - MokoGitea</name>
-    <description>Application - MokoGitea stable build.</description>
+    <name>MokoGitea</name>
+    <description>MokoGitea stable build.</description>
     <element>mokogitea</element>
     <type>application</type>
     <client>site</client>
-    <version>05.02.00</version>
-    <creationDate>2026-05-30</creationDate>
-    <infourl title='Application - MokoGitea'>https://git.mokoconsulting.tech/MokoConsulting/MokoGitea/releases/tag/stable</infourl>
+    <version>05.14.00</version>
+    <creationDate>2026-05-31</creationDate>
+    <infourl title='MokoGitea'>https://git.mokoconsulting.tech/MokoConsulting/MokoGitea/releases/tag/stable</infourl>
     <downloads>
-      <downloadurl type='full' format='zip'>https://git.mokoconsulting.tech/MokoConsulting/MokoGitea/releases/download/stable/mokogitea-05.02.00.zip</downloadurl>
+      <downloadurl type='full' format='zip'>https://git.mokoconsulting.tech/MokoConsulting/MokoGitea/releases/download/stable/mokogitea-05.14.00.zip</downloadurl>
     </downloads>
-    <sha256>a3ca6159a3ff878150906852dfa994eabe58f9e62fb5b224dea2a3593013bc8b</sha256>
+    <sha256>bec4bf5a1a841f8e72d9826451004db5d8afc70144231dfedc7fb01a6695955c</sha256>
     <tags><tag>stable</tag></tags>
     <changelogurl>https://git.mokoconsulting.tech/MokoConsulting/MokoGitea/raw/branch/main/CHANGELOG.md</changelogurl>
     <maintainer>Moko Consulting</maintainer>